This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Fix writing beyond array bounds in codecvt/unshift/char/1.cc
- From: Alexander Monakov <amonakov at ispras dot ru>
- To: gcc-patches at gcc dot gnu dot org
- Cc: Benjamin Kosnik <bkoz at redhat dot com>
- Date: Tue, 13 Apr 2010 18:26:06 +0400 (MSD)
- Subject: Fix writing beyond array bounds in codecvt/unshift/char/1.cc
Hi,
'size' definition seemingly does not account for a zero byte, and thus strcpy
call near the end of the test overwrites one byte beyond allocated memory,
which may lead to spurious test failures. The patch simply bumps size to 24.
OK for trunk?
2010-04-13 Alexander Monakov <amonakov@ispras.ru>
* 22_locale/codecvt/unshift/char/1.cc (test01): Increase size to avoid
writing past allocated memory.
diff --git a/libstdc++-v3/testsuite/22_locale/codecvt/unshift/char/1.cc b/libstdc++-v3/testsuite/22_locale/codecvt/unshift/char/1.cc
index ba417af..8a45efc 100644
--- a/libstdc++-v3/testsuite/22_locale/codecvt/unshift/char/1.cc
+++ b/libstdc++-v3/testsuite/22_locale/codecvt/unshift/char/1.cc
@@ -35,7 +35,7 @@ void test01()
bool test __attribute__((unused)) = true;
const char* c_lit = "black pearl jasmine tea";
const char* from_next;
- int size = 23;
+ int size = 24;
char* c_arr = new char[size];
char* c_ref = new char[size];
char* to_next;